EUVD-2024-17229

Malicious code in bioql PyPI...

CVE-2023-6731

The WP Show Posts plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 1.1.5. This makes it possible for authenticated attackers, with subscriber access and above, to view arbitrary pos...

Information disclosure

The WP Show Posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the wpspdisplay function. This makes it possible for authenticated attackers with contributor access and above to view the contents of draft, trash, future, priva...

CVE-2024-1479

CVE-2024-1479 affects the WordPress plugin WP Show Posts (up to and including version 1.1.4). The vulnerability arises in the wpsp_display function and could allow authenticated attackers with Contributor+ privileges to view content of drafts, trash, future, private, and pending posts/pages. The ...

CVE-2024-1479 WP Show Posts <= 1.1.4 - Information Exposure

The WP Show Posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.1.4 via the wpspdisplay function. This makes it possible for authenticated attackers with contributor access and above to view the contents of draft, trash, future, priva...

CVE-2022-4459

The WP Show Posts WordPress plugin before 1.1.4 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privileg...

CVE-2022-4459

The CVE-2022-4459 entry concerns the WordPress WP Show Posts plugin, affected versions are